4914fae7234173dffd74560c87ba43b3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4914fae7234173dffd74560c87ba43b3_JaffaCakes118
Size

8.3MB
MD5

4914fae7234173dffd74560c87ba43b3
SHA1

5c9e930b2887ab7c8cb12451a166f59191bfe00d
SHA256

5b0aa29e0e7043e05d2bccd2a5dc5b083ee3d0db7f4645ce29dd5d201e53eb37
SHA512

5adc3b920bce8f0298d17af12215f52e70360cb13c95ddc7fd977cffffc6ce7a67f1703da6f1625561ce7f6bcce4bb8a14a1eae539372e12792a82da0621d45e
SSDEEP

196608:8YD+FAr254tQYD3YdPlDkpA3yn3MrN1Fq:HprO4bTEPlDk6ycxG

Score

3^/10

Malware Config

Signatures

Unsigned PE 54 IoCs

Checks for missing Authenticode signature.

resource
4914fae7234173dffd74560c87ba43b3_JaffaCakes118
unpack001/$PLUGINSDIR/ExecDos.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$TEMPImg/AutoUpdate.exe
unpack001/$TEMPImg/Installer.exe
unpack002/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/CABSetup.dll
unpack003/$PLUGINSDIR/InetLoad.dll
unpack003/$PLUGINSDIR/InstallOptions.dll
unpack003/$PLUGINSDIR/ScrollLicense.dll
unpack003/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/UserInfo.dll
unpack004/Helper.dll
unpack004/ImageConversion.dll
unpack004/RSSReader_plugin.dll
unpack004/RadioPlugin.dll
unpack004/SearchComponent.dll
unpack004/Toolbar.dll
unpack004/TroubleShooter.exe
unpack004/bookmarksplugin.dll
unpack004/emailchecker_plugin.dll
unpack004/gedit.exe
unpack004/msgboxplugin.dll
unpack004/weatherplugin.dll
unpack003/$PLUGINSDIR/gplunger.dll
unpack003/$PLUGINSDIR/nsExec.dll
unpack003/$PLUGINSDIR/nsisFirewall.dll
unpack003/$PLUGINSDIR/textreplace.dll
unpack003/$PLUGINSDIR/unicode.dll
unpack002/$TEMPImg/VerControl.exe
unpack002/$TEMPImg/chk.exe
unpack002/Uninst.exe
unpack005/$PLUGINSDIR/Processes.dll
unpack001/ADPicker.dll
unpack001/AxInterop.MSTSCLib.dll
unpack001/AxInterop.WFICALib.dll
unpack001/ComponentFactory.Krypton.Toolkit.dll
unpack001/DiffieHellman.dll
unpack001/Interop.EOLWTSCOM.dll
unpack001/Interop.MSTSCLib.dll
unpack001/Interop.WFICALib.dll
unpack001/IrisSkin2.dll
unpack001/MagicLibrary.DLL
unpack001/Org.Mentalis.Security.dll
unpack001/Putty.exe
unpack001/RemoteManager.exe
unpack001/Tamir.SharpSSH.dll
unpack001/Uninst.exe
unpack006/$PLUGINSDIR/Processes.dll
unpack001/VncSharp.dll
unpack001/eolwtscom.dll
unpack001/tools/register.exe
unpack001/tools/register_y.exe

NSIS installer 9 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/$TEMPImg/Installer.exe	nsis_installer_1
static1/unpack001/$TEMPImg/Installer.exe	nsis_installer_2
static1/unpack002/$TEMPImg/PazeraToolbar.exe	nsis_installer_1
static1/unpack002/Uninst.exe	nsis_installer_1
static1/unpack002/Uninst.exe	nsis_installer_2
static1/unpack001/Uninst.exe	nsis_installer_1
static1/unpack001/Uninst.exe	nsis_installer_2

Files

4914fae7234173dffd74560c87ba43b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ExecDos.dll
.dll windows:4 windows x86 arch:x86

2dfc6a992d004b736e85c64219a88b4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
TerminateProcess
Sleep
lstrcatA
lstrcmpiA
ReadFile
GetExitCodeProcess
PeekNamedPipe
CreateFileA
FlushFileBuffers
WriteFile
lstrlenA
CloseHandle
CreateProcessA
DuplicateHandle
GetCurrentProcess
CreatePipe
GlobalAlloc
lstrcpynA
GetExitCodeThread
WaitForSingleObject
lstrcpyA
CreateThread

user32

wsprintfA
GetClassNameA
GetDlgItem
FindWindowExA
SendMessageA

Exports

Exports

exec
isdone
wait

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 266B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/iOClean.ini
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$TEMPImg/AutoUpdate.exe
.exe windows:4 windows x86 arch:x86

9180e4a50ffbbdaaf0efc56a3138c8bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
HeapAlloc
HeapFree
GetProcessHeap
GetStartupInfoW
RaiseException
HeapReAlloc
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetFileTime
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
GetTickCount
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringW
FileTimeToSystemTime
lstrlenA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
CloseHandle
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetModuleHandleA
GetThreadLocale
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
GetLastError
SetLastError
MultiByteToWideChar
Sleep
FindResourceW
LoadResource
LockResource
FreeEnvironmentStringsA
SizeofResource

user32

PostThreadMessageW
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
UnregisterClassW
DestroyMenu
LoadCursorW
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SendMessageW
GetWindowRect
UnregisterClassA
GetParent
EnableWindow
PostMessageW
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
CharUpperW
SetWindowLongW
ShowWindow
GetActiveWindow
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetWindow
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
GetWindowLongW
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
PtInRect
CopyRect
AdjustWindowRectEx
ScreenToClient
EqualRect
CharNextW

gdi32

ExtSelectClipRgn
DeleteDC
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
CreateBitmap
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
TextOutW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromProgID

oleaut32

SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
VariantInit
SafeArrayCreateVector
SysAllocString
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SysFreeString
VariantChangeType
OleCreateFontIndirect
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMPImg/Installer.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMPImg/FVM.exe
.exe windows:4 windows x86 arch:x86

81638d02019c0bfcaaf23a9c69f2f12c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

59:ab:9b:2e:e6:79:14:b7:df:4c:47:95:40:de:c5:61
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

17/01/2007, 00:00

Not After

23/03/2010, 23:59

Subject

CN=Conduit Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Conduit Ltd.,ST=Israel,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
WaitForSingleObject
CreateProcessA
GetCommandLineA
CloseHandle
UnmapViewOfFile
WriteFile
MapViewOfFile
DeleteFileA
GetTempFileNameA
GetTempPathA
CreateFileA
GetShortPathNameA
GetModuleFileNameA

user32

wsprintfA

Sections

.text
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 533B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMPImg/PazeraToolbar.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Code Sign

3d:f8:af:7b:51:bb:b2:8e:d5:80:38:2d:fa:a1:6e:37
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

27/04/2009, 00:00

Not After

26/04/2012, 23:59

Subject

CN=FreeCause\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=FreeCause\, Inc.,L=Boston,ST=Massachusetts,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/CABSetup.dll
.dll windows:4 windows x86 arch:x86

5070fa13a62547a5beae58004a204cbb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
HeapFree
lstrcatA
lstrlenA
lstrcmpA
HeapAlloc
GetProcessHeap
CloseHandle
ReleaseMutex
WaitForSingleObject
OpenMutexA
WriteFile
GetFileAttributesA
GetLastError
ReadFile
CreateFileA
lstrcmpiA
GetNumberFormatA
GetLocaleInfoA
CreateDirectoryA
GetTickCount
Sleep
GetExitCodeProcess
CreateProcessA
FindClose
FindNextFileA
FindFirstFileA
CreateMutexA

user32

CreateWindowExA
MapWindowPoints
GetWindowRect
GetDlgItem
CallWindowProcA
wvsprintfA
SetDlgItemTextA
GetDlgItemTextA
GetWindowLongA
wsprintfA
FindWindowExA
SetForegroundWindow
MoveWindow
FindWindowA
GetDesktopWindow
DestroyWindow
EnableWindow
SetWindowLongA
ShowWindow
SendMessageA
UpdateWindow

setupapi

SetupIterateCabinetA
SetupPromptForDiskA

Exports

Exports

BuildSetupFiles
DataSetSize
Extract

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InetLoad.dll
.dll windows:4 windows x86 arch:x86

24a4a671f5cc294ce3543d18a1e873cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

strchr
_adjust_fdiv
malloc
_initterm
free
memset
strstr
strtol
strncmp
strtoul
time
strrchr

kernel32

GlobalFree
lstrcpynA
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
CreateFileA
lstrcmpA
lstrlenA
MulDiv
WriteFile
lstrcatA
GetLastError
DeleteFileA
CloseHandle
SleepEx

user32

GetDlgItem
SendMessageA
SetWindowTextA
wsprintfA
GetWindowTextA
RegisterWindowMessageA
CallWindowProcA
PostMessageA
DestroyWindow
EnableWindow
GetWindowLongA
CreateWindowExA
GetWindowRect
GetClientRect
ShowWindow
IsWindowVisible
GetFocus
MessageBoxA
SendDlgItemMessageA
SetDlgItemTextA
SetTimer
LoadIconA
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindow
CreateDialogParamA
FindWindowExA
RedrawWindow
SetWindowLongA

wininet

InternetErrorDlg
InternetSetFilePointer
HttpQueryInfoA
InternetQueryOptionA
HttpSendRequestA
HttpAddRequestHeadersA
InternetSetOptionA
HttpOpenRequestA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

comctl32

ord17

Exports

Exports

load

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ScrollLicense.dll
.dll windows:4 windows x86 arch:x86

674bbf1e72dbf6f2664d8aea288261e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
lstrlenW
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameA
GetLastError
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
IsDBCSLeadByte
LCMapStringW
LCMapStringA
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetCPInfo
GetStringTypeW
GetStringTypeA
InterlockedDecrement
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
SetUnhandledExceptionFilter
TerminateProcess
GetProcAddress
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
IsBadWritePtr
InterlockedIncrement
lstrlenA
CompareStringA
HeapAlloc
GlobalFree
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalAlloc
lstrcpynA
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
GetCommandLineA
GetCurrentThreadId
HeapReAlloc
VirtualQuery
GetSystemInfo
lstrcpyA
GetSystemTimeAsFileTime
RtlUnwind
VirtualProtect
VirtualAlloc

user32

SetWindowLongA
DrawTextA
SendMessageA
UpdateWindow
IsWindowEnabled
GetSysColor
GetFocus
DrawFocusRect
FillRect
EndPaint
BeginPaint
GetDlgCtrlID
GetCursorPos
ScreenToClient
SetCursor
DestroyWindow
InvalidateRect
PtInRect
SetFocus
SetCapture
GetWindowLongA
ReleaseCapture
GetCapture
FindWindowExA
GetDlgItem
CallWindowProcA
SetRectEmpty
GetClassNameA
LoadCursorA
OffsetRect
ReleaseDC
GetDC
DefWindowProcA
CharNextA
SetWindowPos
IsWindow
GetParent
GetClientRect
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CreateWindowExA

gdi32

SetBkMode
SetTextColor
GetStockObject
DeleteDC
DeleteObject
SelectObject
GetObjectA
CreateFontIndirectA

advapi32

RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

VarUI4FromStr

comctl32

_TrackMouseEvent

Exports

Exports

Set
Unload

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

48cfa0ea7e353e4a7dd23572da8374ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
GetCurrentProcess
GetLastError
GlobalFree
CloseHandle
lstrcpynA
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName

Sections

.text
Size: 1024B - Virtual size: 573B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/dca.ini
$PLUGINSDIR/frtb_static_files.cab
.cab
Helper.dll
.dll regsvr32 windows:5 windows x86 arch:x86

34a3df05d2cc08ee3da4457ce628c357

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\.Current\Freecause\Trunk\SVN.Trunk\package\Helper.pdb

Imports

shlwapi

PathStripPathW
PathRemoveFileSpecW
UrlIsW
PathFileExistsW
PathAppendW

rpcrt4

UuidFromStringA

wininet

HttpQueryInfoA
HttpSendRequestW
HttpAddRequestHeadersW
InternetSetStatusCallbackW
HttpOpenRequestA
InternetConnectW
InternetOpenW
InternetCloseHandle
InternetCrackUrlW
InternetReadFile

urlmon

ObtainUserAgentString
IsValidURL

url

InetIsOffline

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
InitializeCriticalSectionAndSpinCount
CreateThread
WaitForSingleObject
GetExitCodeThread
TerminateThread
GetVersionExW
LoadLibraryW
GetProcAddress
InterlockedDecrement
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
ReleaseMutex
SetEvent
SwitchToThread
CreateEventW
CloseHandle
DeleteFileW
MoveFileW
lstrlenW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
SetLastError
RaiseException
GetVersion
FreeLibrary
lstrlenA
MultiByteToWideChar
GetModuleFileNameW
GetFileSize
ReadFile
CreateFileW
CreateMutexA
GetModuleHandleW
lstrcmpiW
GetLastError
LoadLibraryExW
GetLocaleInfoA
DisableThreadLibraryCalls
SetThreadPriority
ResumeThread
CreateSemaphoreW
ReleaseSemaphore
WriteFile
Sleep
IsBadReadPtr
GetTimeZoneInformation
GetModuleHandleA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
HeapCreate
GetStartupInfoA
GetFileType
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
VirtualQuery
CompareStringA
CompareStringW
GetStdHandle
SetHandleCount
SetFilePointer
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GlobalAddAtomA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapAlloc
SetEnvironmentVariableA
InterlockedIncrement
HeapFree
GetProcessHeap
HeapDestroy

user32

GetWindowLongW
SetWindowLongW
DefWindowProcW
LoadCursorW
GetClassInfoExW
RegisterClassExW
SendMessageTimeoutW
CreateWindowExW
SendMessageW
PostMessageW
KillTimer
SetTimer
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
CharNextW
CallWindowProcW
FindWindowW
UnregisterClassA
IsWindow
MessageBoxW

advapi32

RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
GetUserNameW

shell32

DoEnvironmentSubstW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance

oleaut32

VariantCopy
VariantInit
VariantClear
VariantChangeType
LoadRegTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringLen
RegisterTypeLi
VarUI4FromStr
SysAllocString
SysFreeString

dnsapi

DnsQuery_W

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetDownloadManager
GetHelperObject
IsUnicode
StaticCallJS

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ImageConversion.dll
.dll windows:5 windows x86 arch:x86

44781c6895de7935eaa213d8ae356e35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCurrentThreadId
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
SetStdHandle
GetSystemTimeAsFileTime
CloseHandle
CreateFileA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
MultiByteToWideChar
ReadFile
GetModuleHandleA
SetFilePointer
InitializeCriticalSectionAndSpinCount
LoadLibraryA
SetEndOfFile
GetProcessHeap
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapSize
RaiseException

Exports

Exports

ConvertToBMP
UnpackGzip

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RSSReader_plugin.dll
.dll windows:5 windows x86 arch:x86

a654a29e2f99af5247506fac6ee4864b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\.Current\Freecause\Trunk\SVN.Trunk\package\RSSReader_plugin.pdb

Imports

wininet

InternetCrackUrlW

shlwapi

PathAppendW
PathFileExistsW
PathRemoveFileSpecW

urlmon

URLDownloadToCacheFileW

kernel32

LoadLibraryExW
GetModuleFileNameW
InterlockedIncrement
LoadLibraryW
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
Sleep
OutputDebugStringW
SetLastError
lstrcpyW
CompareStringW
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetModuleHandleA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetLastError
LCMapStringA
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
HeapCreate
ExitProcess
GetModuleFileNameA
GetStdHandle
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GlobalAddAtomA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcessHeap
HeapFree
lstrlenA
RaiseException
lstrcmpiW
FreeLibrary
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
CloseHandle
ReadFile
GetFileSize
CreateFileW
VirtualQuery
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringA
SetEnvironmentVariableA
SetHandleCount

user32

FillRect
OffsetRect
DrawTextW
ReleaseDC
GetDC
GetWindowTextLengthW
CreateWindowExW
LoadCursorW
GetClassNameW
ScreenToClient
GetCapture
SetCursor
PtInRect
InvalidateRect
EndPaint
BeginPaint
DestroyIcon
SetRectEmpty
DestroyWindow
CreateDialogParamW
EndDialog
DialogBoxParamW
GetActiveWindow
SetCapture
UpdateWindow
IsWindowEnabled
CheckRadioButton
IsDlgButtonChecked
DispatchMessageW
TranslateMessage
PeekMessageW
GetCursorPos
IsWindow
CheckDlgButton
GetDlgCtrlID
SendMessageW
CallWindowProcW
DefWindowProcW
SetWindowLongW
SetActiveWindow
GetSysColor
GetDlgItemTextW
SetFocus
EnumChildWindows
GetWindowTextW
SetWindowTextW
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
MessageBoxW
GetDlgItem
EnableWindow
SetDlgItemTextW
CharNextW
SetTimer
PostMessageW
KillTimer
UnregisterClassA
GetFocus
DrawFocusRect
FindWindowW
ReleaseCapture

gdi32

GetObjectW
GetStockObject
CreateSolidBrush
SetBkMode
DeleteObject
SetTextColor
CreateFontIndirectW
SelectObject

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

VariantInit
VariantClear
SysStringLen
SysAllocStringByteLen
VarUI4FromStr
VarBstrCmp
SysAllocString
SysFreeString

comctl32

ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_Create
ImageList_Destroy
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_DragEnter
_TrackMouseEvent
ImageList_BeginDrag

Exports

Exports

GetDownloadManager
IsUnicode
PlugCreate
PlugInit
PlugInvoke
PlugTerm

Sections

.text
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RadioPlugin.dll
.dll windows:5 windows x86 arch:x86

8e37a09dc6394fe8978f45de107c05a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\.Current\Freecause\Trunk\SVN.Trunk\package\RadioPlugin.pdb

Imports

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW
IsValidURL

wininet

InternetCloseHandle
InternetOpenA
InternetConnectW
HttpOpenRequestW
HttpSendRequestA
HttpQueryInfoW
InternetCrackUrlW

kernel32

GetModuleFileNameW
OutputDebugStringA
InterlockedDecrement
InterlockedIncrement
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
Sleep
GetTickCount
lstrlenA
MultiByteToWideChar
FreeLibrary
LoadLibraryExW
lstrcmpiW
GlobalFree
WideCharToMultiByte
GlobalReAlloc
LoadLibraryA
GetFullPathNameW
FindFirstFileW
GetVersionExW
lstrcpynW
CompareStringW
FindClose
FindNextFileW
lstrcpyW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
LoadLibraryW
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapCreate
RtlUnwind
GetCommandLineA
CreateThread
ResumeThread
CloseHandle
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GlobalAddAtomA
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetLastError
GetFileAttributesW
GetVersion
GetProcAddress
GetModuleHandleW
GetModuleHandleA
SetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
GetTimeZoneInformation
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringA
SetEnvironmentVariableA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetACP
VirtualQuery

user32

GetAncestor
SetActiveWindow
SetRect
DispatchMessageW
TranslateMessage
GetWindowThreadProcessId
SetWindowsHookExW
CallNextHookEx
DrawTextW
GetMessageW
UnhookWindowsHookEx
OffsetRect
GetWindowRect
MessageBoxW
ShowWindow
WindowFromPoint
GetCursorPos
GetCapture
PostMessageW
FindWindowW
LoadImageW
UpdateWindow
EnableWindow
SetWindowRgn
SetParent
KillTimer
DestroyIcon
CopyRect
GetMonitorInfoW
MapWindowPoints
SetDlgItemTextW
GetDlgItemTextW
CheckRadioButton
GetActiveWindow
CreateDialogParamW
IsDlgButtonChecked
EnumChildWindows
EndDialog
SystemParametersInfoW
PtInRect
AdjustWindowRectEx
DrawFocusRect
GetSystemMetrics
InflateRect
DrawEdge
IsWindowEnabled
SetTimer
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
EndPaint
IsChild
GetFocus
GetWindow
IsWindow
GetClassNameW
GetSysColor
CharNextW
SetWindowPos
RedrawWindow
GetClassInfoExW
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW
ClientToScreen
GetParent
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
GetClientRect
InvalidateRgn
InvalidateRect
GetDC
ReleaseDC
GetDesktopWindow
DestroyAcceleratorTable
LoadCursorW
RegisterClassExW
GetDlgItem
GetDlgCtrlID
SendMessageW
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
SetFocus
UnregisterClassA
SetCursor
DialogBoxParamW
SetRectEmpty
MonitorFromWindow
GetMenu

gdi32

CreateDIBSection
ExtCreateRegion
CombineRgn
StretchBlt
CreateRectRgnIndirect
GetTextExtentPoint32W
SetTextColor
SetBkMode
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
CreateFontIndirectW
DeleteObject
GetDeviceCaps

advapi32

RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegQueryValueExW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc

ole32

CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
OleInitialize
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
CoUnmarshalInterface
CoTaskMemRealloc
CoTaskMemFree
CoMarshalInterface
CoInitialize
CoUninitialize
CreateStreamOnHGlobal

oleaut32

VariantInit
VarBstrCmp
VarUI4FromStr
DispCallFunc
SysAllocStringLen
VariantClear
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysAllocString
SysFreeString
SysStringLen

shlwapi

PathIsDirectoryW
PathFileExistsW
PathAppendW
PathStripPathW
UrlEscapeW
PathRemoveFileSpecW
PathFindExtensionW
PathRemoveExtensionW

Exports

Exports

IsUnicode
LaunchRadioServer
PlugCreate
PlugInit
PlugInvoke
PlugTerm

Sections

.text
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SearchComponent.dll
.dll windows:5 windows x86 arch:x86

6299116dafc34c4ef19d19e43b8d6694

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\.Current\Freecause\Trunk\SVN.Trunk\package\SearchComponent.pdb

Imports

urlmon

IsValidURL

kernel32

WaitForSingleObject
ReleaseMutex
CloseHandle
SetEvent
CreateEventW
CreateMutexW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
SetLastError
RaiseException
FreeLibrary
lstrlenW
GetProcAddress
GetModuleHandleW
lstrcmpiW
GetLastError
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
CreateFileW
GetFileSize
ReadFile
CompareStringW
CompareStringA
CreateFileA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
SetEnvironmentVariableA
GetModuleFileNameW
HeapSize
GetStringTypeA
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetTimeZoneInformation
GetModuleHandleA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
lstrlenA
WideCharToMultiByte
HeapFree
GetProcessHeap
HeapDestroy
HeapAlloc
HeapReAlloc
VirtualQuery
InterlockedCompareExchange
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GlobalAddAtomA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
ResumeThread
CreateThread
GetCommandLineA
RtlUnwind
GetSystemTimeAsFileTime
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapCreate
Sleep
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

CharNextW
CreateWindowExW
GetWindowLongW
SetWindowLongW
DefWindowProcW
LoadCursorW
GetClassInfoExW
RegisterClassExW
SendMessageW
SendMessageTimeoutW
SetTimer
KillTimer
DispatchMessageW
GetMessageW
CallWindowProcW
UnregisterClassA
IsWindow
FindWindowW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

oleaut32

VariantClear
VarUI4FromStr
SysFreeString
SysAllocString

shlwapi

UrlEscapeW

Exports

Exports

IsUnicode
PlugCreate
PlugInit
PlugInvoke
PlugTerm

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Toolbar.dll
.dll regsvr32 windows:5 windows x86 arch:x86

be7add6560b15c5bc3f7a0b1f583a08e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\.Current\Freecause\Trunk\SVN.Trunk\package\Toolbar.pdb

Imports

urlmon

ObtainUserAgentString
IsValidURL
URLDownloadToFileW

wininet

InternetConnectA
InternetOpenA
InternetCrackUrlA
InternetCrackUrlW
InternetGetConnectedState
InternetSetCookieW
InternetGetCookieW
FindCloseUrlCache
FindNextUrlCacheEntryW
InternetQueryOptionW
FindFirstUrlCacheEntryW
InternetCloseHandle
InternetErrorDlg
HttpQueryInfoA
HttpSendRequestW
HttpOpenRequestA
InternetConnectW
InternetOpenW
InternetSetOptionW
HttpAddRequestHeadersA
DeleteUrlCacheEntryW
InternetReadFile

shlwapi

PathIsRelativeW
PathFindFileNameW
UrlUnescapeW
SHDeleteKeyW
SHCopyKeyW
PathIsDirectoryW
PathStripPathW
UrlIsW
PathRemoveFileSpecW
PathFileExistsW
PathAppendW

rpcrt4

UuidFromStringW
UuidToStringW
UuidCreate
RpcStringFreeW

setupapi

SetupIterateCabinetW

dbghelp

SymGetSymFromAddr
SymCleanup
SymLoadModule
SymInitialize
SymSetOptions
SymFunctionTableAccess
StackWalk
SymGetLineFromAddr
SymGetModuleBase
SymGetOptions

winmm

PlaySoundW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

RtlUnwind
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetTimeZoneInformation
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
WideCharToMultiByte
lstrlenW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetLastError
lstrcmpiW
LoadLibraryW
SetLastError
GetModuleFileNameW
OutputDebugStringA
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
Sleep
lstrcpyW
HeapFree
GetProcessHeap
GlobalAlloc
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
lstrlenA
DeleteFileW
CopyFileW
GlobalFree
GlobalHandle
GetCurrentProcessId
LocalFree
FindNextFileW
FindClose
WaitForSingleObject
IsDebuggerPresent
CreateMutexA
CloseHandle
GetFullPathNameW
FindFirstFileW
GetFileAttributesExW
GetVersionExW
GetCurrentThread
CreateDirectoryW
RemoveDirectoryW
MoveFileW
CreateMutexW
WriteFile
CreateFileW
LoadLibraryA
DisableThreadLibraryCalls
lstrcatW
GlobalDeleteAtom
GlobalAddAtomW
GlobalGetAtomNameW
ResumeThread
SetThreadPriority
CreateThread
LocalAlloc
GetFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetEvent
CreateEventW
OutputDebugStringW
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
Module32NextW
Module32FirstW
TerminateProcess
GetShortPathNameW
GlobalGetAtomNameA
GetTickCount
ReadFile
GetFileSize
QueueUserWorkItem
SetUnhandledExceptionFilter
HeapAlloc
IsBadWritePtr
ReadProcessMemory
lstrcpynW
IsBadCodePtr
IsBadReadPtr
WinExec
TerminateThread
OpenThread
SetFileAttributesW
CreateProcessW
MoveFileExW
DebugBreak
SetCurrentDirectoryW
UnhandledExceptionFilter
GlobalAddAtomA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedExchange
HeapDestroy
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo
VirtualQuery
ExitThread
GetCommandLineA
HeapCreate
ExitProcess
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LCMapStringA
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapReAlloc
HeapSize
ReleaseMutex
InterlockedCompareExchange

user32

EnableWindow
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
SetParent
EnumWindows
SetRect
SubtractRect
GetLayeredWindowAttributes
AnimateWindow
SendMessageTimeoutW
SetLastErrorEx
DialogBoxParamW
wsprintfW
GetActiveWindow
LoadBitmapW
SetActiveWindow
AppendMenuW
ValidateRect
GetWindowRgnBox
RemoveMenu
GetMenuItemCount
CreatePopupMenu
IsMenu
LoadCursorFromFileW
DestroyCursor
UpdateWindow
LoadImageW
OffsetRect
FrameRect
GetWindowDC
CopyRect
MapWindowPoints
GetMessagePos
GetSystemMetrics
GetIconInfo
SetCursor
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowThreadProcessId
MessageBoxW
GetKeyState
CreateAcceleratorTableW
GetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
DrawTextW
ReleaseCapture
GetDlgItem
IsChild
SetCapture
InvalidateRgn
ScreenToClient
MoveWindow
GetSysColor
DialogBoxIndirectParamW
IsRectEmpty
CharUpperBuffW
SetWindowsHookExW
SetDlgItemTextW
SetWindowContextHelpId
MapDialogRect
EndDialog
GetMessageW
EnumChildWindows
CallNextHookEx
UnhookWindowsHookEx
SetLayeredWindowAttributes
PeekMessageW
TranslateMessage
UpdateLayeredWindow
GetAncestor
ClientToScreen
EnumThreadWindows
GetParent
GetClassNameW
PostMessageW
CreateWindowExW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
DefWindowProcW
LoadCursorW
IsWindow
GetWindow
SetFocus
KillTimer
SetTimer
RedrawWindow
IsWindowVisible
ShowWindow
InvalidateRect
ReleaseDC
GetDC
GetClientRect
GetWindowRect
SetWindowPos
SendMessageW
GetWindowLongW
SetWindowLongW
DestroyWindow
CharLowerBuffW
CharNextW
CreateDialogParamW
MonitorFromWindow
GetMonitorInfoW
SystemParametersInfoW
AdjustWindowRectEx
GetDlgCtrlID
IsWindowEnabled
GetMenu
PtInRect
GetMenuItemInfoW
GetCapture
GetAsyncKeyState
TrackPopupMenu
GetCursorPos
DestroyMenu
DrawEdge
DestroyIcon
FillRect
SetWindowRgn
UnregisterClassA
FindWindowW
DispatchMessageW

gdi32

SetBkMode
SelectObject
DeleteObject
GetTextExtentPointW
MoveToEx
LineTo
CreateRectRgnIndirect
RestoreDC
SaveDC
CombineRgn
GetPixel
TextOutW
CreateBrushIndirect
StretchBlt
SetBkColor
SetTextColor
SetViewportOrgEx
CreatePatternBrush
GetTextMetricsW
CreateRectRgn
SelectClipRgn
CreateSolidBrush
CreatePen
GetObjectW
ExcludeClipRect
CreateFontIndirectW
ExtTextOutW
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
GetDeviceCaps
CreateDIBSection
CreateFontW
GetTextExtentPoint32W

shell32

SHFileOperationW
ShellExecuteW
DragQueryFileW
DoEnvironmentSubstW

ole32

OleDraw
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoCreateGuid
OleInitialize
OleUninitialize
CoInitialize
ReleaseStgMedium
CoUninitialize
RegisterDragDrop

oleaut32

SysStringLen
SysFreeString
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
VarBstrCmp
VariantInit
VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantCopy
VariantChangeType
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
CreateDispTypeInfo
DispCallFunc
DispGetIDsOfNames
DispInvoke
SafeArrayDestroy
SafeArrayCreateVector
UnRegisterTypeLi
RegisterTypeLi
VarBstrCat

Exports

Exports

AttachProxyInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
FixTypeLib
TBCOM_GetComponent
ToolbarUpdateProc
raw_CheckRedirection
raw_IsWellFormedXML
raw_ParseIndependentVars
raw_ReportError

Sections

.text
Size: 957KB - Virtual size: 956KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TroubleShooter.exe
.exe windows:5 windows x86 arch:x86

7e560e1cf79aa015363d94a640ecdbbb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetProcAddress
lstrlenW
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetStartupInfoW
GetLastError
HeapFree
HeapAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

user32

MessageBoxW

advapi32

RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegCreateKeyW

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aboutTabs.7.js
.js
aboutTabs.8.js
.js
audio.bmp
banner_container.html
.html .js polyglot
blockcursor.cur
blocksound.wav
bookmark_off.bmp
bookmark_on.bmp
bookmarksplugin.dll
.dll windows:5 windows x86 arch:x86

e563b5e0ac42ca459ba9f51cfd361743

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\.Current\Freecause\Trunk\SVN.Trunk\package\bookmarksplugin.pdb

Imports

kernel32

GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
LoadLibraryW
lstrlenA
FindClose
SetLastError
GetFullPathNameW
FindFirstFileW
lstrcpyW
FindNextFileW
GetPrivateProfileStringW
GetCurrentProcessId
CreateMutexW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
LCMapStringA
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetTimeZoneInformation
GetModuleHandleA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
CloseHandle
GetConsoleMode
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
LoadLibraryExW
MultiByteToWideChar
GetLastError
EnterCriticalSection
RaiseException
LeaveCriticalSection
GetConsoleCP
WideCharToMultiByte
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
Sleep
HeapCreate
TlsFree
TlsSetValue
VirtualQuery
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
FreeLibrary
FindResourceExW
FindResourceW
LoadResource
LockResource
SetFilePointer
SizeofResource
HeapFree
GetProcessHeap
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
InterlockedCompareExchange
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GlobalAddAtomA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RtlUnwind
GetSystemTimeAsFileTime
WriteFile

user32

IsDlgButtonChecked
CheckDlgButton
ReleaseCapture
UpdateWindow
ShowCursor
SetCapture
SetFocus
GetCursorPos
CallWindowProcW
DefWindowProcW
SendDlgItemMessageW
DestroyIcon
EnableWindow
FindWindowW
ShowWindow
LoadImageW
EndDialog
GetWindowTextLengthW
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
GetDlgItem
SetDlgItemTextW
EnumChildWindows
GetWindowTextW
SetWindowTextW
SetTimer
KillTimer
SetWindowLongW
DialogBoxParamW
PostMessageW
CharNextW
UnregisterClassA
IsWindow
SendMessageW

advapi32

RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegEnumValueW
RegDeleteKeyW

shell32

SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree

oleaut32

SysAllocString
VariantClear
SysStringLen
SysFreeString
VarUI4FromStr

shlwapi

PathRemoveFileSpecW
PathAppendW

comctl32

ImageList_Create
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Destroy
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_EndDrag

Exports

Exports

??4Cbookmarksplugin@@QAEAAV0@ABV0@@Z
IsUnicode
PlugCreate
PlugInit
PlugInvoke
PlugTerm

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bubble_permissions.html
build
caching_banner.html
.html .js polyglot
chevron.bmp
component.xsl
efolder.bmp
email.bmp
email2.bmp
emailchecker_plugin.dll
.dll windows:5 windows x86 arch:x86

12417e76af468159503b8e5ed44b08c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\.Current\Freecause\Trunk\SVN.Trunk\package\emailchecker_plugin.pdb

Imports

wsock32

closesocket
send
recv
connect
inet_ntoa
WSACleanup
htons
gethostbyname
socket
WSAStartup

wininet

InternetGetCookieA
InternetReadFile
HttpQueryInfoA
HttpSendRequestW
HttpAddRequestHeadersA
InternetSetOptionW
InternetQueryOptionW
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCrackUrlA
InternetCloseHandle
InternetSetCookieW

kernel32

FindResourceW
FindResourceExW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
WideCharToMultiByte
GetLastError
lstrlenA
MultiByteToWideChar
InterlockedDecrement
GetProcAddress
LoadLibraryW
GetModuleFileNameW
FreeLibrary
GetModuleHandleW
lstrcmpiW
LoadLibraryExW
InterlockedIncrement
CreateEventW
CreateThread
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
CloseHandle
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
TerminateThread
ResetEvent
Sleep
CreateMutexW
ReleaseMutex
GetThreadPriority
GetCurrentThread
GetStringTypeW
GetStringTypeA
LCMapStringA
SetFilePointer
GetLocaleInfoA
GetModuleHandleA
GetTimeZoneInformation
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LoadResource
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetConsoleCP
GetFileType
SetStdHandle
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteFile
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualProtect
ExitProcess
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
InterlockedCompareExchange
GetProcessHeap
HeapFree
GlobalAddAtomA
LockResource
SizeofResource
SetEnvironmentVariableA
CompareStringW
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
GetConsoleOutputCP
WriteConsoleA
WriteConsoleW
FlushFileBuffers
ReadFile
CreateFileA
CompareStringA
GetEnvironmentStringsW

user32

SetTimer
PostMessageW
MsgWaitForMultipleObjects
KillTimer
GetParent
DialogBoxParamW
IsDlgButtonChecked
CheckDlgButton
EnableWindow
GetActiveWindow
SendMessageW
GetClientRect
GetDlgItem
FindWindowW
UnregisterClassA
SetDlgItemTextW
SetWindowLongW
GetFocus
CharNextW
GetWindowLongW
DefWindowProcW
CallWindowProcW
PostThreadMessageW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
RegisterClassExW
LoadCursorW
DestroyAcceleratorTable
GetDesktopWindow
CheckRadioButton
ShowWindow
SendDlgItemMessageW
EndDialog
GetDlgItemTextW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
MapWindowPoints
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
EndPaint
IsChild
ReleaseDC
SetFocus
GetWindow
IsWindow
GetClassNameW
GetSysColor
SetWindowPos
RedrawWindow
GetClassInfoExW
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW
ClientToScreen
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
InvalidateRgn
InvalidateRect
GetDC

gdi32

CreateCompatibleBitmap
SelectObject
DeleteObject
CreateCompatibleDC
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
BitBlt
CreateSolidBrush

advapi32

RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegEnumValueW
RegCloseKey
RegCreateKeyExW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

OleUninitialize
CoGetClassObject
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
StringFromGUID2
OleLockRunning
OleInitialize
CLSIDFromString
CLSIDFromProgID

oleaut32

VariantChangeType
VariantCopy
VarBstrCmp
SysAllocStringLen
VariantClear
LoadTypeLi
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
VarUI4FromStr
SysFreeString
SysAllocString
VariantInit

shlwapi

PathAppendW
PathRemoveFileSpecW

crypt32

CertCloseStore

secur32

EncryptMessage
FreeContextBuffer
DeleteSecurityContext
AcquireCredentialsHandleW
QueryContextAttributesW
DecryptMessage
InitializeSecurityContextW
ApplyControlToken
FreeCredentialsHandle

Exports

Exports

IsUnicode
PlugCreate
PlugInit
PlugInvoke
PlugTerm

Sections

.text
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
facebook.feature
fbrss.xsl
ff.xsl
folder.bmp
gedit.exe
.exe windows:5 windows x86 arch:x86

a795589b34089fa942ee977fd356efd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidFromStringA

shlwapi

PathFileExistsA

kernel32

FlushFileBuffers
GetLastError
DeleteFileA
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCommandLineA
RaiseException
RtlUnwind
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
ReadFile
InterlockedCompareExchange
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
CloseHandle
GetACP
GetOEMCP
IsValidCodePage
HeapSize
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
LoadLibraryA
GetLocaleInfoW
CreateFileW
SetEndOfFile
GetProcessHeap

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
iefavelem.bmp
images/msgbox/down.gif
.gif
images/msgbox/hr.bmp
images/msgbox/mark.png
.png
images/msgbox/mark_do.png
.png
images/msgbox/mark_na.png
.png
images/msgbox/navbg.bmp
images/msgbox/refresh.png
.png
images/msgbox/refresh_do.png
.png
images/msgbox/refresh_na.png
.png
images/msgbox/trash.png
.png
images/msgbox/trash_do.png
.png
images/msgbox/trash_na.png
.png
images/msgbox/unmark.png
.png
images/msgbox/unmark_do.png
.png
images/msgbox/unmark_na.png
.png
images/msgbox/up.gif
.gif
images/ticker/left.gif
images/ticker/right.gif
images/weather/0.bmp
images/weather/1.bmp
images/weather/10.bmp
images/weather/11.bmp
images/weather/12.bmp
images/weather/13.bmp
images/weather/14.bmp
images/weather/15.bmp
images/weather/16.bmp
images/weather/17.bmp
images/weather/18.bmp
images/weather/19.bmp
images/weather/2.bmp
images/weather/20.bmp
images/weather/21.bmp
images/weather/22.bmp
images/weather/23.bmp
images/weather/24.bmp
images/weather/25.bmp
images/weather/26.bmp
images/weather/27.bmp
images/weather/28.bmp
images/weather/29.bmp
images/weather/3.bmp
images/weather/30.bmp
images/weather/31.bmp
images/weather/32.bmp
images/weather/33.bmp
images/weather/34.bmp
images/weather/35.bmp
images/weather/36.bmp
images/weather/37.bmp
images/weather/38.bmp
images/weather/39.bmp
images/weather/4.bmp
images/weather/40.bmp
images/weather/41.bmp
images/weather/42.bmp
images/weather/43.bmp
images/weather/44.bmp
images/weather/45.bmp
images/weather/46.bmp
images/weather/47.bmp
images/weather/5.bmp
images/weather/6.bmp
images/weather/7.bmp
images/weather/8.bmp
images/weather/9.bmp
images/weather/hr.bmp
images/weather/na.bmp
images/weather/png/0.png
.png
images/weather/png/1.png
.png
images/weather/png/10.png
.png
images/weather/png/11.png
.png
images/weather/png/12.png
.png
images/weather/png/13.png
.png
images/weather/png/14.png
.png
images/weather/png/15.png
.png
images/weather/png/16.png
.png
images/weather/png/17.png
.png
images/weather/png/18.png
.png
images/weather/png/19.png
.png
images/weather/png/2.png
.png
images/weather/png/20.png
.png
images/weather/png/21.png
.png
images/weather/png/22.png
.png
images/weather/png/23.png
.png
images/weather/png/24.png
.png
images/weather/png/25.png
.png
images/weather/png/26.png
.png
images/weather/png/27.png
.png
images/weather/png/28.png
.png
images/weather/png/29.png
.png
images/weather/png/3.png
.png
images/weather/png/30.png
.png
images/weather/png/31.png
.png
images/weather/png/32.png
.png
images/weather/png/33.png
.png
images/weather/png/34.png
.png
images/weather/png/35.png
.png
images/weather/png/36.png
.png
images/weather/png/37.png
.png
images/weather/png/38.png
.png
images/weather/png/39.png
.png
images/weather/png/4.png
.png
images/weather/png/40.png
.png
images/weather/png/41.png
.png
images/weather/png/42.png
.png
images/weather/png/43.png
.png
images/weather/png/44.png
.png
images/weather/png/45.png
.png
images/weather/png/46.png
.png
images/weather/png/47.png
.png
images/weather/png/5.png
.png
images/weather/png/6.png
.png
images/weather/png/7.png
.png
images/weather/png/8.png
.png
images/weather/png/9.png
.png
images/weather/png/na.png
.png
location.xsl
magglass.ico
manage_bookmarks.html
.html .js polyglot
marquee.html
marquee_permissions.html
messaging.bmp
minus.bmp
msgbox_bubble.tmpl
.html .js polyglot
msgbox_openmsg.tmpl
.html
msgboxplugin.dll
.dll windows:5 windows x86 arch:x86

f5bf42725c49d4c113e19d01bba98d36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\.Current\Freecause\Trunk\SVN.Trunk\package\msgboxplugin.pdb

Imports

kernel32

GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
FreeLibrary
GetModuleHandleW
lstrcmpiW
LoadLibraryExW
WaitForSingleObject
CreateEventW
CloseHandle
CreateThread
SetThreadPriority
ResumeThread
SetEvent
CreateDirectoryW
CopyFileW
TerminateThread
ResetEvent
GetCurrentProcessId
GetFullPathNameW
GetFileSize
FindFirstFileW
WriteFile
Sleep
ReadFile
CreateFileW
FindClose
FindNextFileW
GetFileAttributesExW
lstrcpyW
lstrlenA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GlobalUnlock
GetStringTypeW
GetStringTypeA
LCMapStringA
GetConsoleMode
GetConsoleCP
GetProcAddress
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetTimeZoneInformation
GetModuleHandleA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
ExitProcess
GetModuleFileNameA
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetCommandLineA
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FlushInstructionCache
GetCurrentProcess
SetLastError
RaiseException
GetCurrentThreadId
GetLastError
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
GetModuleFileNameW
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
FindResourceExW
EnterCriticalSection
FindResourceW
LoadResource
LockResource
TerminateProcess
GlobalAddAtomA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
SizeofResource
InterlockedDecrement
LeaveCriticalSection
SetFilePointer
VirtualQuery

user32

EndPaint
FindWindowW
UnregisterClassA
KillTimer
PostMessageW
SetTimer
RegisterClassExW
LoadCursorW
DefWindowProcW
SetWindowLongW
GetWindowLongW
DestroyAcceleratorTable
GetDesktopWindow
ReleaseDC
GetDC
InvalidateRect
CallWindowProcW
InvalidateRgn
GetClientRect
FillRect
ReleaseCapture
SetCapture
MoveWindow
ScreenToClient
GetParent
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
PostThreadMessageW
SetForegroundWindow
ShowWindow
ClientToScreen
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
MapWindowPoints
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
DestroyIcon
IsChild
GetFocus
SetFocus
GetWindow
GetDlgItem
SendMessageW
IsWindow
GetClassNameW
GetSysColor
CharNextW
SetWindowPos
RedrawWindow
GetClassInfoExW
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
CreateSolidBrush

advapi32

RegSetValueExW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW

ole32

CoTaskMemRealloc
CoTaskMemFree
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysAllocString
VariantChangeType
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocStringLen
DispCallFunc
VarUI4FromStr
VarBstrCmp
VariantInit
SysFreeString
VariantCopy

shlwapi

PathAppendW
PathRemoveFileSpecW

comctl32

ImageList_GetIcon
ImageList_Destroy
ImageList_LoadImageW

wininet

InternetCrackUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetQueryOptionW
InternetSetOptionW
HttpAddRequestHeadersA
HttpSendRequestW
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

Exports

Exports

IsUnicode
PlugCreate
PlugInit
PlugInvoke
PlugTerm

Sections

.text
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
offline.html
.html .js polyglot
plus.bmp
podcast.bmp
podcast.xsl
radio.bmp
resize.bmp
rssfeed.bmp
search.xsl
skins/radio/gray03/Equalizer1.bmp
skins/radio/gray03/Equalizer2.bmp
skins/radio/gray03/Equalizer3.bmp
skins/radio/gray03/Equalizer4.bmp
skins/radio/gray03/Equalizer5.bmp
skins/radio/gray03/Equalizer6.bmp
skins/radio/gray03/btn_dropdwn_down.bmp
skins/radio/gray03/btn_dropdwn_over.bmp
skins/radio/gray03/btn_dropdwn_up.bmp
skins/radio/gray03/btn_max_down.bmp
skins/radio/gray03/btn_max_over.bmp
skins/radio/gray03/btn_max_up.bmp
skins/radio/gray03/btn_min_down.bmp
skins/radio/gray03/btn_min_over.bmp
skins/radio/gray03/btn_min_up.bmp
skins/radio/gray03/btn_pause_down.bmp
skins/radio/gray03/btn_pause_over.bmp
skins/radio/gray03/btn_pause_up.bmp
skins/radio/gray03/btn_play_down.bmp
skins/radio/gray03/btn_play_over.bmp
skins/radio/gray03/btn_play_up.bmp
skins/radio/gray03/btn_playcntrl_over.bmp
skins/radio/gray03/btn_playcntrl_up.bmp
skins/radio/gray03/btn_stop_down.bmp
skins/radio/gray03/btn_stop_over.bmp
skins/radio/gray03/btn_stop_up.bmp
skins/radio/gray03/btn_volcntrl_over.bmp
skins/radio/gray03/btn_volcntrl_up.bmp
skins/radio/gray03/playcntrl_bg.bmp
skins/radio/gray03/radio.bmp
skins/radio/gray03/radio_mask.bmp
skins/radio/gray03/radio_minimalized.bmp
skins/radio/gray03/radio_minimalized_mask.bmp
skins/radio/gray03/station.bmp
skins/radio/gray03/vol_01.bmp
skins/radio/gray03/vol_02.bmp
skins/radio/gray03/vol_03.bmp
skins/radio/gray03/volslide_bg.bmp
skins/radio/gray03/volslide_track.bmp
star_on.gif
.gif
update_progress.html
.html .js polyglot
version.txt
version.xsl
weather_bubble.tmpl
.html .js polyglot
weatherplugin.dll
.dll windows:5 windows x86 arch:x86

36574711ddac880ec666c66830955202

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\.Current\Freecause\Trunk\SVN.Trunk\package\weatherplugin.pdb

Imports

kernel32

lstrlenA
MultiByteToWideChar
RaiseException
GetProcAddress
LoadLibraryW
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
GetFullPathNameW
GetFileSize
FindFirstFileW
InterlockedDecrement
GetModuleHandleW
WriteFile
Sleep
CopyFileW
ReadFile
CreateFileW
SetLastError
FindClose
FindNextFileW
GetFileAttributesExW
CloseHandle
lstrcpyW
FreeLibrary
lstrcmpiW
GetLastError
LoadLibraryExW
InterlockedIncrement
CreateEventW
CreateThread
SetThreadPriority
ResumeThread
SetEvent
CreateDirectoryW
ResetEvent
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetModuleHandleA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
TerminateThread
WaitForSingleObject
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
VirtualQuery
HeapCreate
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
GetCurrentThreadId
FlushInstructionCache
WriteConsoleA
GetCurrentProcess
TlsGetValue
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineA
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GlobalAddAtomA
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree

user32

SetWindowTextW
GetDlgItem
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
UnregisterClassA
FindWindowW
CheckRadioButton
SetDlgItemTextW
GetWindowTextW
EnumChildWindows
SetTimer
KillTimer
GetParent
SendMessageW
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
IsWindow
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
PostThreadMessageW
CharNextW
DestroyWindow
PostMessageW
ShowWindow
IsDlgButtonChecked
GetDlgItemTextW
GetActiveWindow

advapi32

RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW

ole32

CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemRealloc
CoTaskMemFree

oleaut32

VariantClear
SysAllocString
VarBstrCmp
VarUI4FromStr
VariantInit
SysFreeString

shlwapi

PathAppendW
PathRemoveFileSpecW
PathIsDirectoryW
PathFileExistsW
UrlEscapeW

comctl32

PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

wininet

InternetCrackUrlA
InternetReadFile
HttpQueryInfoA
HttpSendRequestW
HttpAddRequestHeadersA
InternetSetOptionW
InternetQueryOptionW
HttpOpenRequestA
InternetConnectA
InternetCloseHandle
InternetOpenA

Exports

Exports

IsUnicode
PlugCreate
PlugInit
PlugInvoke
PlugTerm

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/gplunger.dll
.dll windows:5 windows x86 arch:x86

bb24ab9fddb167f7754f91e378a2b052

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
OpenProcess
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcessId
CreateProcessW
GetNativeSystemInfo
CreateFileW
InitializeCriticalSection
LocalFree
GetLocaleInfoW
CreateFileA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
CloseHandle
GetTempFileNameA
FreeLibrary
WideCharToMultiByte
lstrlenW
GetProcAddress
LoadLibraryA
MultiByteToWideChar
lstrlenA
GlobalAlloc
lstrcpynA
lstrcpyA
GlobalFree
InterlockedDecrement
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
GetLocaleInfoA
GetUserDefaultLCID
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RtlUnwind
RaiseException
HeapCreate
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
ReadFile
Sleep
FlushFileBuffers
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
HeapSize
SetEndOfFile

user32

MessageBoxA
SendMessageA
GetDlgItem
IsWindow
CallWindowProcA
DefWindowProcA
GetWindowLongA
SetWindowLongA
CallNextHookEx
UnhookWindowsHookEx
GetWindowThreadProcessId
SetWindowsHookExA
FindWindowA

advapi32

GetSidSubAuthority
GetSidSubAuthorityCount
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegCloseKey
SetSecurityInfo
SetEntriesInAclA
EqualSid
GetTokenInformation
OpenProcessToken
GetExplicitEntriesFromAclA
GetSecurityInfo
RegOpenKeyExA
DuplicateTokenEx

shell32

DoEnvironmentSubstW
DoEnvironmentSubstA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

GetErrorInfo
SysStringLen
SysFreeString
VariantClear
SysAllocString

shlwapi

UrlEscapeA
PathAppendA

Exports

Exports

addSearch
delSearch
getRequiredPluginsList
justDoIt
launchProtectedIE
parseToolbarVars
urlEncode

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

053c8c5da7b5f6a2513024b82859e1b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GlobalLock
DeleteFileA
lstrcmpiA
TerminateProcess
lstrcatA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CloseHandle
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
WaitForSingleObject
GetCommandLineA
Sleep
lstrlenA
GetExitCodeProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsisFirewall.dll
.dll windows:4 windows x86 arch:x86

1a4c99175e8891c64634680f4f238d51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
InterlockedDecrement
lstrlenA
MultiByteToWideChar
LocalFree

user32

wsprintfA

ole32

OleRun
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString

oleaut32

VariantClear
GetErrorInfo
SysFreeString
SysAllocString

msvcrt

??2@YAPAXI@Z
_onexit
__dllonexit
_initterm
free
??1type_info@@UAE@XZ
_CxxThrowException
_adjust_fdiv
??3@YAXPAX@Z
malloc
__CxxFrameHandler

Exports

Exports

AddAuthorizedApplication
RemoveAuthorizedApplication

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/options.ini
$PLUGINSDIR/textreplace.dll
.dll windows:4 windows x86 arch:x86

c9b875d3f7604775d782afcb308d92df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
lstrcpynA
GlobalFree
CloseHandle
GlobalAlloc
GetFileSize
SetFilePointer
ReadFile
CreateFileA
WriteFile
SetFileAttributesA
GetFileAttributesA
CopyFileA
lstrcmpiA

user32

CharUpperA

Exports

Exports

_FillReadBuffer
_FindInFile
_FreeReadBuffer
_ReplaceInFile
_Unload

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 669B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/unicode.dll
.dll windows:4 windows x86 arch:x86

05f29a3dc3b7096bfdca7ddbd6b47dd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
lstrcmpiA
WriteFile
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetLastError

Exports

Exports

FileAnsi2Unicode
FileUnicode2Ansi
FileUnicode2UTF8
UnicodeType
__FileAnsi2Unicode
__FileUnicode2Ansi
__FileUnicode2UTF8

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 358B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ToolbarUpdate.exe
.exe windows:4 windows x86 arch:x86

b4785ab5f09590fd79c781ce7cb4fba2

Code Sign

5d:4f:0e:20:54:2b:7a:df:3f:cf:49:cc:6e:ca:c6:df
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04/04/2008, 00:00

Not After

25/04/2009, 23:59

Subject

CN=FreeCause\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=FreeCause\, Inc.,L=Boston,ST=Massachusetts,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Work\.Current\Freecause\Trunk\SVN.Trunk\package\ToolbarUpdate.pdb

Imports

shlwapi

PathFileExistsA
UrlIsA
PathRemoveFileSpecA
PathIsDirectoryA

setupapi

SetupIterateCabinetA

kernel32

FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetModuleFileNameA
GetProcAddress
InterlockedDecrement
lstrlenA
InterlockedIncrement
CloseHandle
ReadFile
GetFileSize
CreateFileA
CreateDirectoryA
SetLastError
SetFileAttributesA
GlobalAddAtomA
DeleteFileA
GetLastError
LoadLibraryA
CopyFileA
Sleep
FreeLibrary
GetEnvironmentStringsW
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
QueryPerformanceCounter
GetFileType
WriteFile
ExitProcess
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
VirtualAlloc
IsDebuggerPresent
RtlUnwind
HeapFree
HeapAlloc
GetFileAttributesA
GetCommandLineA
GetProcessHeap
GetStartupInfoA
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree

user32

GetCursorPos
LoadStringA
LoadImageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
DestroyMenu
DefWindowProcA
UnregisterClassA
TrackPopupMenu
KillTimer
PostMessageA
SetTimer
GetWindowLongA
CreatePopupMenu
AppendMenuA
MessageBoxA
PostQuitMessage
FindWindowA
IsWindow
SendMessageA

gdi32

GetStockObject

shell32

Shell_NotifyIconA

ole32

CoInitialize

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Uninst.exe.nsis
default.xml
.xml
icons.bmp
images/amazon.bmp
images/ebay.bmp
images/email.bmp
images/email2.bmp
images/wikipedia.bmp
images/yahoo.bmp
localization.xml
patch.bat
settings
ticker.html
.html .js polyglot
$TEMPImg/VerControl.exe
.exe windows:4 windows x86 arch:x86

514a9a1e5bae119ec76c5ca238859d46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindCloseUrlCache
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW

kernel32

GetFileAttributesW
GetFileTime
HeapAlloc
RtlUnwind
HeapFree
GetProcessHeap
GetStartupInfoW
RaiseException
HeapReAlloc
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
FileTimeToLocalFileTime
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SetErrorMode
GetTickCount
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringW
FileTimeToSystemTime
lstrlenA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
CloseHandle
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetModuleHandleA
GetThreadLocale
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
SetLastError
GetLastError
MultiByteToWideChar
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
GetCPInfo

user32

GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
PostThreadMessageW
CopyAcceleratorTableW
UnregisterClassW
DestroyMenu
LoadCursorW
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CharNextW
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
CharUpperW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetActiveWindow
ShowWindow
SetWindowLongW
SetTimer
PostMessageW
EnableWindow
GetParent
GetWindowRect
SendMessageW
UnregisterClassA
SetFocus

gdi32

SetWindowExtEx
ScaleWindowExtEx
RectVisible
ExtSelectClipRgn
DeleteDC
CreateRectRgnIndirect
GetRgnBox
GetMapMode
PtVisible
GetWindowExtEx
GetViewportExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
GetDeviceCaps
CreateBitmap
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox
TextOutW

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject

oleaut32

VariantClear
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
OleCreateFontIndirect
VariantChangeType
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
SafeArrayCreateVector
VariantInit
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMPImg/askToolbarInstaller-1.9.1.0.exe
.exe windows:5 windows x86 arch:x86

206513a2c97fa61166fe9ae13d91d955

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

28:6f:8a:30:e2:ea:c6:96:5b:93:6f:82:6a:05:30:5d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

17/06/2008, 00:00

Not After

17/06/2011, 23:59

Subject

CN=Ask.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Distribution,O=Ask.com,L=Oakland,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6b:9b:f7:54:4a:13:f8:e0:8b:e3:76:a7:37:62:54:4d:10:5f:7d:c2
Signer

Actual PE Digest

6b:9b:f7:54:4a:13:f8:e0:8b:e3:76:a7:37:62:54:4d:10:5f:7d:c2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\hudson\jobs\ToolbarCore-1.9.1.0\workspace\build\ToolbarCore\toolbar\ie\src\toolbar\wrapper\Release\externalwrapper.pdb

Imports

shlwapi

StrCmpNIW
StrStrIW
PathFileExistsW
SHDeleteValueW

msi

ord70

kernel32

FindResourceW
FreeLibrary
LoadResource
GetCurrentProcess
WaitForSingleObject
GetModuleHandleW
WriteFile
WideCharToMultiByte
LoadLibraryW
SizeofResource
GetVersionExW
GetExitCodeProcess
CreateFileW
MultiByteToWideChar
lstrlenW
GetTempPathW
lstrlenA
GetLastError
GetProcAddress
FindClose
GetLocalTime
GetSystemInfo
lstrcmpiW
CloseHandle
FileTimeToLocalFileTime
DeleteFileW
CreateFileA
SetFilePointer
ReadFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetTempFileNameW
FileTimeToDosDateTime
SetEndOfFile
GetProcessHeap
FindFirstFileA
TerminateProcess
HeapSize
FlushFileBuffers
SetStdHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCurrentProcessId
HeapFree
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetStartupInfoW
RaiseException
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount

user32

GetSystemMetrics
MessageBoxW

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

shell32

ShellExecuteExW

ole32

CoCreateGuid
StringFromGUID2

wininet

InternetCrackUrlW
HttpQueryInfoW
InternetOpenW
InternetReadFile
HttpAddRequestHeadersA
HttpSendRequestA
HttpEndRequestW
InternetConnectW
HttpOpenRequestW
InternetSetOptionW
InternetCloseHandle
HttpSendRequestExW

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMPImg/chk.exe
.exe windows:4 windows x86 arch:x86

514a9a1e5bae119ec76c5ca238859d46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindCloseUrlCache
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW

kernel32

GetFileAttributesW
GetFileTime
HeapAlloc
RtlUnwind
HeapFree
GetProcessHeap
GetStartupInfoW
RaiseException
HeapReAlloc
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
FileTimeToLocalFileTime
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SetErrorMode
GetTickCount
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
WritePrivateProfileStringW
FileTimeToSystemTime
lstrlenA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
CloseHandle
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetModuleHandleA
GetThreadLocale
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
SetLastError
GetLastError
MultiByteToWideChar
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
GetCPInfo

user32

GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
PostThreadMessageW
CopyAcceleratorTableW
UnregisterClassW
DestroyMenu
LoadCursorW
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CharNextW
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
CharUpperW
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowLongW
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetActiveWindow
ShowWindow
SetWindowLongW
SetTimer
PostMessageW
EnableWindow
GetParent
GetWindowRect
SendMessageW
UnregisterClassA
SetFocus

gdi32

SetWindowExtEx
ScaleWindowExtEx
RectVisible
ExtSelectClipRgn
DeleteDC
CreateRectRgnIndirect
GetRgnBox
GetMapMode
PtVisible
GetWindowExtEx
GetViewportExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
GetDeviceCaps
CreateBitmap
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox
TextOutW

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject

oleaut32

VariantClear
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
OleCreateFontIndirect
VariantChangeType
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
SafeArrayCreateVector
VariantInit
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Uninst.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Processes.dll
.dll windows:4 windows x86 arch:x86

f5edecae12589e705677a6e272ad0394

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
OpenProcess
CloseHandle
TerminateProcess
GlobalFree
lstrcpyA
GetCommandLineA
GetVersionExA
ExitProcess
GetModuleHandleA
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
UnhandledExceptionFilter
DisableThreadLibraryCalls
WriteFile
SetFilePointer
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetLocaleInfoA
VirtualProtect
GetSystemInfo

user32

FindWindowA
GetDesktopWindow
wsprintfA
UpdateWindow

Exports

Exports

FindDevice
FindProcess
KillProcess

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMPImg/ioClean.ini
ADPicker.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AxInterop.MSTSCLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AxInterop.WFICALib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ComponentFactory.Krypton.Toolkit.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\ComponentFactory\Build\Dotfuscator\Obfuscated\ComponentFactory.Krypton.Toolkit.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 840KB - Virtual size: 838KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DiffieHellman.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Icons/Anti Virus.ico
Icons/Backup.ico
Icons/Build Server.ico
Icons/Database.ico
Icons/Domain Controller.ico
Icons/ESX.ico
Icons/Fax.ico
Icons/File Server.ico
Icons/Linux.ico
Icons/Mail Server.ico
Icons/Remote Desktop.ico
Icons/SharePoint.ico
Icons/Tel.ico
Icons/Terminal Server.ico
Icons/Test Server.ico
Icons/Virtual Machine.ico
Icons/Web Server.ico
Icons/WiFi.ico
Icons/Windows.ico
Icons/Workstation.ico
Interop.EOLWTSCOM.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Interop.MSTSCLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Interop.WFICALib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IrisSkin2.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.textxc
Size: 528KB - Virtual size: 525KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.datax
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
License.txt
MagicLibrary.DLL
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Magic\Public\Source\MagicLibrary\obj\Debug\MagicLibrary.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 384KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Org.Mentalis.Security.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Putty.exe
.exe windows:4 windows x86 arch:x86

bc07e7b366ac9ad23951888606f0f0fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA

comctl32

ord14
ord15
ord17
ord13

comdlg32

GetOpenFileNameA
ChooseFontA
ChooseColorA
GetSaveFileNameA

gdi32

CreateBitmap
IntersectClipRect
ExcludeClipRect
UpdateColors
DeleteDC
GetTextExtentPoint32A
CreateCompatibleDC
DeleteObject
TextOutA
SetBkColor
SetTextColor
Rectangle
CreateSolidBrush
GetStockObject
SelectObject
CreateFontIndirectA
GetTextExtentExPointA
SetMapMode
GetDeviceCaps
RealizePalette
SelectPalette
CreatePalette
ExtTextOutA
GetCharacterPlacementW
ExtTextOutW
GetPixel
SetBkMode
SetTextAlign
CreateCompatibleBitmap
TranslateCharsetInfo
GetObjectA
GetTextMetricsA
CreateFontA
LineTo
MoveToEx
CreatePen
SetPixel
Polyline
GetCharWidthW
GetCharWidth32W
GetCharWidthA
GetCharWidth32A
SetPaletteEntries
UnrealizeObject

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmSetCompositionFontA
ImmGetContext
ImmSetCompositionWindow

shell32

ShellExecuteA

user32

SetForegroundWindow
CreateMenu
GetDoubleClickTime
WinHelpA
GetForegroundWindow
GetClipboardOwner
FindWindowA
MessageBoxIndirectA
GetQueueStatus
UpdateWindow
DefWindowProcA
InvalidateRect
SetWindowPos
EndPaint
GetWindowTextA
GetWindowTextLengthA
GetClientRect
BeginPaint
SetWindowTextA
PeekMessageA
MsgWaitForMultipleObjects
IsWindow
CreateCaret
ShowCaret
HideCaret
DestroyCaret
TranslateMessage
EnableMenuItem
GetCursorPos
TrackPopupMenu
GetKeyboardLayout
SetKeyboardState
ToAsciiEx
SetScrollInfo
GetMessageTime
PostMessageA
GetSystemMenu
CheckMenuItem
IsZoomed
FlashWindow
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetCaretPos
KillTimer
SetTimer
GetKeyboardState
SetClassLongA
SetCursor
ShowCursor
CreatePopupMenu
InsertMenuA
DeleteMenu
AppendMenuA
IsIconic
GetSystemMetrics
GetCapture
ReleaseCapture
LoadIconA
GetDesktopWindow
MoveWindow
DefDlgProcA
LoadCursorA
CreateDialogParamA
GetMessageA
GetWindowLongA
IsDialogMessageA
DispatchMessageA
PostQuitMessage
EnableWindow
DialogBoxParamA
EndDialog
GetParent
SetActiveWindow
GetWindowPlacement
SetWindowPlacement
RegisterWindowMessageA
DrawEdge
SetCapture
MessageBoxA
SetFocus
GetDlgItem
GetDlgItemTextA
SetDlgItemTextA
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
SetWindowLongA
MessageBeep
SendDlgItemMessageA
GetDC
ReleaseDC
SendMessageA
MapDialogRect
GetCaretBlinkTime
DestroyWindow
RegisterClassA
GetSysColor
SystemParametersInfoA
GetWindowRect
CreateWindowExA
ShowWindow
RegisterClipboardFormatA

winmm

PlaySoundA

winspool.drv

StartDocPrinterA
WritePrinter
EndDocPrinter
ClosePrinter
EnumPrintersA
EndPagePrinter
StartPagePrinter
OpenPrinterA

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
HeapSize
SetEndOfFile
InterlockedExchange
RtlUnwind
SetStdHandle
SetFilePointer
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetTimeZoneInformation
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
DeleteFileA
TerminateProcess
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
GetDateFormatA
GetTimeFormatA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetACP
GetLocalTime
GetEnvironmentVariableA
SetCommBreak
CreateFileA
GetCommState
SetCommState
SetCommTimeouts
ClearCommBreak
CreatePipe
SetHandleInformation
GetCurrentThreadId
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetCurrentProcessId
QueryPerformanceCounter
GlobalMemoryStatus
GetCurrentThread
GetThreadTimes
GetCurrentProcess
GetProcessTimes
GetSystemTime
GetSystemTimeAdjustment
FreeLibrary
CreateThread
WriteFile
CreateEventA
ReadFile
GetLastError
WaitForSingleObject
GetOverlappedResult
SetEvent
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameA
CreateProcessA
CloseHandle
Beep
LoadLibraryA
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MultiByteToWideChar
IsDBCSLeadByteEx
GetLocaleInfoA
GetOEMCP
GetCPInfo
lstrcpynA
GetModuleHandleA
GetProcAddress
GetVersionExA
MulDiv
GetTickCount

Sections

.text
Size: 316KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RemoteManager.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\ExternalProjects\mRemote_0.50_Source\MultiRemoteDesktop\obj\Release\mRemote.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 135B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RemoteManager.url
Tamir.SharpSSH.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 184KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Uninst.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Processes.dll
.dll windows:4 windows x86 arch:x86

f5edecae12589e705677a6e272ad0394

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
OpenProcess
CloseHandle
TerminateProcess
GlobalFree
lstrcpyA
GetCommandLineA
GetVersionExA
ExitProcess
GetModuleHandleA
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
UnhandledExceptionFilter
DisableThreadLibraryCalls
WriteFile
SetFilePointer
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetLocaleInfoA
VirtualProtect
GetSystemInfo

user32

FindWindowA
GetDesktopWindow
wsprintfA
UpdateWindow

Exports

Exports

FindDevice
FindProcess
KillProcess

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VncSharp.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Dokumente und Einstellungen\fde\Eigene Dateien\Visual Studio 2005\Projects\VncSharp\VncSharp\obj\Release\VncSharp.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
confCons.xml
confConsDefault.xml
eolwtscom.dll
.dll regsvr32 windows:4 windows x86 arch:x86

1b327bdfa624abd933cdda3baa8a8ec4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
DuplicateHandle
InterlockedIncrement
CloseHandle
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
lstrcpynA
lstrcmpiA
FindResourceA
LoadResource
SizeofResource
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
IsDBCSLeadByte
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpyA
GetVersionExA
lstrcatW
SetLastError
lstrlenA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
lstrlenW
WideCharToMultiByte
FreeLibrary
GetCurrentThreadId
LocalFree
GetCurrentProcess
FormatMessageA
GetStringTypeW
HeapCreate
GetStringTypeA
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
HeapReAlloc
InterlockedExchange
GetLocaleInfoW
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
SetStdHandle
GetLastError
LoadLibraryExA
IsBadCodePtr
HeapFree
RaiseException
RtlUnwind
HeapSize
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetUnhandledExceptionFilter
WriteFile
SetFilePointer
FlushFileBuffers
GetEnvironmentVariableA
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapAlloc
Sleep
IsValidCodePage
IsValidLocale
GetCPInfo
IsBadReadPtr
GetEnvironmentStringsW
ReadFile
GetEnvironmentStrings
GetStdHandle
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetFileType

user32

LoadStringA
wsprintfA
CharNextA

netapi32

NetUserEnum
NetGetDCName
NetLocalGroupEnum
NetWkstaGetInfo
NetWkstaUserGetInfo
NetShareEnum
NetUserAdd
NetUserDel
NetGroupEnum
NetGroupAdd
NetGroupAddUser
NetGroupDel
NetGroupDelUser
NetLocalGroupAddMembers
NetLocalGroupDelMembers
NetLocalGroupGetMembers
NetLocalGroupAdd
NetLocalGroupDel
NetUserSetInfo
NetUserGetInfo
NetUserGetGroups
NetUserGetLocalGroups
NetGroupGetUsers
NetShareAdd
NetGetAnyDCName
NetApiBufferFree
NetServerEnum
NetServerGetInfo

wtsapi32

WTSFreeMemory
WTSSetUserConfigW
WTSShutdownSystem
WTSCloseServer
WTSDisconnectSession
WTSSetUserConfigA
WTSLogoffSession
WTSWaitSystemEvent
WTSTerminateProcess
WTSEnumerateProcessesA
WTSOpenServerA
WTSEnumerateSessionsA
WTSSendMessageA
WTSQueryUserConfigW
WTSQuerySessionInformationA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountSidA
RegOpenKeyA
RegConnectRegistryW
LsaClose
LsaFreeMemory
LsaEnumerateTrustedDomains
LsaOpenPolicy
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
LookupPrivilegeDisplayNameA
GetTokenInformation
OpenProcessToken
LookupPrivilegeNameA
GetSidLengthRequired
InitializeSid

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
ProgIDFromCLSID
CoTaskMemFree

oleaut32

LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
VariantClear
CreateErrorInfo
SetErrorInfo
SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
help.chm
.chm
icon.ico
mRemote.exe.config
tools/register.exe
.exe windows:4 windows x86 arch:x86

492138ce5716142bee4b8c6ddf19a2c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetReadFile
InternetOpenA
InternetOpenUrlA

kernel32

SetHandleCount
SetStdHandle
ReadFile
LoadLibraryA
MultiByteToWideChar
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
ExitProcess
HeapFree
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapReAlloc
HeapSize
WideCharToMultiByte
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
GetLastError
SetFilePointer
FlushFileBuffers
CloseHandle
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tools/register_y.exe
.exe windows:4 windows x86 arch:x86

492138ce5716142bee4b8c6ddf19a2c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetReadFile
InternetOpenA
InternetOpenUrlA

kernel32

SetHandleCount
SetStdHandle
ReadFile
LoadLibraryA
MultiByteToWideChar
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
ExitProcess
HeapFree
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapReAlloc
HeapSize
WideCharToMultiByte
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
GetLastError
SetFilePointer
FlushFileBuffers
CloseHandle
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 60KB

.rsrc Size: 16KB - Virtual size: 15KB

2dfc6a992d004b736e85c64219a88b4a

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1024B - Virtual size: 867B

.data Size: 512B - Virtual size: 172B

.reloc Size: 512B - Virtual size: 266B

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 520B

9180e4a50ffbbdaaf0efc56a3138c8bf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 60KB

.rsrc
Size: 16KB - Virtual size: 15KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 172B

.reloc
Size: 512B - Virtual size: 266B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 220KB - Virtual size: 219KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 36KB - Virtual size: 33KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 56KB

.rsrc
Size: 28KB - Virtual size: 28KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

59:ab:9b:2e:e6:79:14:b7:df:4c:47:95:40:de:c5:61
Certificate

.text
Size: 512B - Virtual size: 510B

.rdata
Size: 1024B - Virtual size: 533B

.data
Size: 512B - Virtual size: 20B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

3d:f8:af:7b:51:bb:b2:8e:d5:80:38:2d:fa:a1:6e:37
Certificate